https://bugzilla.suse.com/show_bug.cgi?id=1228380 https://bugzilla.suse.com/show_bug.cgi?id=1228380#c8 --- Comment #8 from Cathy Hu <cathy.hu@suse.com> ---

---- time->Thu Aug 1 19:17:34 2024 type=AVC msg=audit(1722503854.212:204): avc: denied { search } for pid=14253 comm="grub" name="nscd" dev="tmpfs" ino=4234 scontext=system_u:system_r:snapper_grub_plugin_t:s0 tcontext=system_u:object_r:nscd_var_run_t:s0 tclass=dir permissive=0 ---- time->Thu Aug 1 19:17:34 2024 type=AVC msg=audit(1722503854.212:205): avc: denied { search } for pid=14253 comm="grub" name="nscd" dev="tmpfs" ino=4234 scontext=system_u:system_r:snapper_grub_plugin_t:s0 tcontext=system_u:object_r:nscd_var_run_t:s0 tclass=dir permissive=0 ----

This looks different, is less in volume, and the original two messages are gone, should I file a new bug for that?

ah thanks, yes these are new, i opened another bug: https://bugzilla.suse.com/show_bug.cgi?id=1228745

I'm sorry I'm a bit noob at this, would you mind telling me the command to get the file to attach?

I was going to attach the output of ` sudo ausearch -m AVC,USER_AVC -c snapper -c grub >~/Desktop/ausearch.txt ` It's ~7MB and I feel like maybe I'm doing it wrong, perhaps there's a way to filter out all the dupes? I could filter it to just today, and that will capture all the different states.

just filter with `-ts <time>`, e.g. `ausearch -m avc -ts 19:17', i actually dont know if you could filter out duplicates with ausearch, maybe pipe into grep. or just attach the whole file :D -- You are receiving this mail because: You are on the CC list for the bug.